<?php
/**
 * 登录验证控制器
 */
namespace Admin\Controller;
use Think\Controller;
class LoginController extends Controller {
	
	// 登录页
    public function index() {
    	//如果已经登录
    	if (session('?logined') && session('logined') === true && session('?uid') && session('uid')) {
    		$this->redirect('Admin/Index/index');
    	}
    	$this->display('Login/index');
    }
    
    // 登录验证
    public function checkin() {
    	if (!IS_AJAX) {
    		$this->error('非法操作！');
    	}
    	$username = I('username','','strip_tags,trim');
    	$password = I('password','','strip_tags,trim');
    	$secode = I('secode','','strip_tags,trim');
    
    	// 数据校验
    	if (empty($username)) {
    		$this->ajaxReturn(array('error'=>1,'errmsg'=>'用户名不能为空！','field'=>'username'));
    	}
    	
    	if (empty($password)) {
    		$this->ajaxReturn(array('error'=>1,'errmsg'=>'密码不能为空！','field'=>'password'));
    	}
    	
    	// 验证码校验
    	if (!$this->check_verify($secode)) {
    		$this->ajaxReturn(array('error'=>1,'errmsg'=>'验证码不正确！','field'=>'secode'));
    	}
    	
    	// 是否非法用户名
    	if (!is_username($username)) {
    		$this->ajaxReturn(array('error'=>1,'errmsg'=>'用户名或密码不正确！','field'=>''));
    	}
    	
    	$adminModel = D('Admin');
    	$userInfo = $adminModel->getUserInfoByName($username);
    	
    	if (empty($userInfo)) {
    		$this->ajaxReturn(array('error'=>1,'errmsg'=>'用户名或密码不正确！','field'=>''));
    	}
    	
    	// 密码校验
    	if (md5($password.$userInfo['salt']) != $userInfo['password']) {
    		$this->ajaxReturn(array('error'=>1,'errmsg'=>'用户名或密码不正确！','field'=>''));
    	}
    	
    	// 是否被禁用
    	if ($userInfo['status'] == 0) {
    		$this->ajaxReturn(array('error'=>1,'errmsg'=>'您的账号已被锁定，无权登录，请联系超级管理员！','field'=>''));
    	}
    	
    	// 已标记删除
    	if ($userInfo['status'] == -1) {
    		$this->ajaxReturn(array('error'=>1,'errmsg'=>'用户名或密码不正确！','field'=>''));
    	}
    	
		$role = M('Role')->field('id,name,right')->where(array('id'=>$userInfo['role']))->find();
    	$role_right = array();
    	
    	if (!empty($role['right'])) {
    		$tmp = M('Permission')->field('action')->where(array('id'=>array('IN',$role['right'])))->select();
    		if (!empty($tmp)) {
    			foreach ($tmp as $k=>$v) {
    				$role_right[] = strtolower(U($v['action']));
    			}
    		}
    	}
		
    	// 记录SESSION
    	session('logined',true);
    	session('uid',$userInfo['id']);
    	session('username',$userInfo['username']);
    	session('nickname',$userInfo['nickname']);
    	session('email',$userInfo['email']);
    	session('role',$userInfo['role']);
    	session('status',$userInfo['status']);
    	session('createtime',date('Y-m-d H:i:s',$userInfo['createtime']));
    	session('lasttime',date('Y-m-d H:i:s',$userInfo['lasttime']));
    	session('role_right',$role_right); //权限
		session('role_name',$role['name']);//权限
		
    	$adminModel->upLastloginTime();
    	
    	$this->ajaxReturn(array('error'=>0,'errmsg'=>'登录成功','field'=>''));
    }
    
    // 生成验证码
    public function verify() {
    	$config = array(
    		'imageW' => 280,
    		'seKey' => 'secode'
    	);
    	$Verify = new \Think\Verify($config);
    	$Verify->entry();
    }
    
    // 校验验证码
    protected function check_verify($code, $id = '') {
    	$config = array(
    		'imageW' => 280,
    		'seKey' => 'secode'
    	);
    	$verify = new \Think\Verify($config);
    	return $verify->check($code, $id);
    }
    
    // 空操作
    public function _empty() {
    	$this->redirect('Admin/Login/index');
    }
    
}